Kernel oops when using kprobes
Sorin Baltateanu
baltateanu.sorin at gmail.com
Wed Jan 4 06:27:37 EST 2012
Hi,
I am trying to use a kprobe module on an android platform( linux + arm ).
Even if this has no connection with my problem i've thought that i should
mention that I've disabled the FTRACE support and enabled KPROBES( the
proprietary drivers wont work with both FTRACE and KPROBES).
When i am trying to insert my module, i get an oops. The source of it is
the next line of code:
*p->addr = KPROBE_BREAKPOINT_INSTRUCTION;
from the function arch_arm_kprobe ( arch/arm/kernel/kprobes.c ).
I suspect the reason for the oops is that the memory region is in kernel
text region and is marked as read only. When trying to add the breakpoint a
memory protection violation rises.
In order to test if this is the issue, i've added the next lines of code in
arch_arm_kprobe:
struct mm_struct *mm = current->mm;
unsigned long addr = (unsigned long)p->addr;
pgd_t *pgd; pmd_t *pmd; pte_t *pte;
spinlock_t *ptl;
printk(KERN_ALERT "HERE kprobe&=[%p] p->addr = [%p]",p,p->addr);
down_read(&mm->mmap_sem);
pgd = pgd_offset(mm, addr);
if (!pgd_present(*pgd)) {
printk(KERN_ALERT "BAD pgd [%p]",pgd);
up_read(&mm->mmap_sem);
return;
}
pmd = pmd_offset(pgd, addr);
if (!pmd_present(*pmd)) {
printk(KERN_ALERT "BAD pmd [%p]",pmd);
up_read(&mm->mmap_sem);
return;
}
pte = pte_offset_map_lock(mm, pmd, addr, &ptl);
printk( KERN_ALERT "PTE=[%p]",pte);
if( !pte_present(*pte) ) {
printk( KERN_ALERT "NOT PRESENT");
pte_unmap_unlock(pte, ptl);
up_read(&mm->mmap_sem);
return;
}
if( !pte_write(*pte) ) {
printk( KERN_ALERT "Is not Write");
pte_unmap_unlock(pte, ptl);
up_read(&mm->mmap_sem);
return;
}
pte_unmap_unlock(pte, ptl);
up_read(&mm->mmap_sem);
*p->addr = KPROBE_BREAKPOINT_INSTRUCTION;
The branch !pte_write(*pte) was not taken. What i should try next?
<1>[ 18.699348] HERE kprobe&=[bf0005a4] p->addr = [c0237524]
<1>[ 18.699357] PTE=[c02198dc]
<1>[ 18.699370] Unable to handle kernel paging request at virtual address
c0237524
<1>[ 18.699380] pgd = d52b8000
<1>[ 18.699387] [c0237524] *pgd=4041940e(bad)
<0>[ 18.699402] Internal error: Oops: 80d [#1] PREEMPT SMP
<0>[ 18.703496] last sysfs file:
/sys/devices/system/cpu/cpu0/rq-stats/def_timer_ms
<4>[ 18.710788] Modules linked in: VMXProber(+)
<4>[ 18.714957] CPU: 0 Not tainted (2.6.35.11-perf #9)
<4>[ 18.720086] PC is at arch_arm_kprobe+0x15c/0x1ac
<4>[ 18.724679] LR is at arch_arm_kprobe+0x150/0x1ac
<4>[ 18.729281] pc : [<c0738754>] lr : [<c0738748>] psr: 00000013
<4>[ 18.729286] sp : d52b1ed0 ip : 0000731e fp : bedfb860
<4>[ 18.740736] r10: 00000001 r9 : d52b0000 r8 : d6ba5d74
<4>[ 18.745944] r7 : 00000080 r6 : d6ba5d84 r5 : bf0005a4 r4 : d52b0000
<4>[ 18.752456] r3 : c0237524 r2 : e7f001f8 r1 : 00000000 r0 : c083cce1
<4>[ 18.758966] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM
Segment user
<4>[ 18.766084] Control: 10c57c7d Table: 554b806a DAC: 00000015
<4>[ 18.771813]
<4>[ 18.771815] PC: 0xc07386d4:
<4>[ 18.776065] 86d4 ebffefa1 f57ff05f e5867000 f57ff04f e320f004
e5943004 e2433001 e5843004
<4>[ 18.784224] 86f4 e5943000 e3130002 0a000000 ebfff20c e1a00008
e8bd47f0 eaea3e40 f57ff05f
<4>[ 18.792384] 8714 e3a03000 e5863000 f57ff04f e320f004 e5943004
e2433001 e5843004 e5943000
<4>[ 18.800544] 8734 e3130002 0a000000 ebfff1fd e1a00008 ebea3e32
e5953014 e59f2040 e59f0040
<4>[ 18.808703] 8754 e5832000 ebffef80 e5950014 e59f3034 e2801004
e1a0e00f e593f00c e59f0028
<4>[ 18.816863] 8774 e8bd47f0 eaffef78 c083cc82 c083cca6 7fe00800
c083ccb6 c083ccc2 c083ccd1
<4>[ 18.825024] 8794 e7f001f8 c083cce1 c0bbcf28 c083cceb e92d4013
e5903014 e1a04000 e3130003
<4>[ 18.833183] 87b4 1a000016 e59f2098 e1530002 3a000015 e59f2090
e1530002 3a000010 ea000011
<4>[ 18.841343]
<4>[ 18.841346] LR: 0xc07386c8:
<4>[ 18.845595] 86c8 e2177080 1a00000f e59f00b8 ebffefa1 f57ff05f
e5867000 f57ff04f e320f004
<4>[ 18.853755] 86e8 e5943004 e2433001 e5843004 e5943000 e3130002
0a000000 ebfff20c e1a00008
<4>[ 18.861915] 8708 e8bd47f0 eaea3e40 f57ff05f e3a03000 e5863000
f57ff04f e320f004 e5943004
<4>[ 18.870075] 8728 e2433001 e5843004 e5943000 e3130002 0a000000
ebfff1fd e1a00008 ebea3e32
<4>[ 18.878235] 8748 e5953014 e59f2040 e59f0040 e5832000 ebffef80
e5950014 e59f3034 e2801004
<4>[ 18.886395] 8768 e1a0e00f e593f00c e59f0028 e8bd47f0 eaffef78
c083cc82 c083cca6 7fe00800
<4>[ 18.894555] 8788 c083ccb6 c083ccc2 c083ccd1 e7f001f8 c083cce1
c0bbcf28 c083cceb e92d4013
<4>[ 18.902714] 87a8 e5903014 e1a04000 e3130003 1a000016 e59f2098
e1530002 3a000015 e59f2090
<4>[ 18.910874]
<4>[ 18.910877] SP: 0xd52b1e50:
<4>[ 18.915127] 1e50 ce07ea68 2020205b 362e3831 35333939 00205d37
000006df d52b0000 da9cd7a0
<4>[ 18.923287] 1e70 bedfb860 ffffffff d52b1ebc d6ba5d84 00000080
c073792c c083cce1 00000000
<4>[ 18.931447] 1e90 e7f001f8 c0237524 d52b0000 bf0005a4 d6ba5d84
00000080 d6ba5d74 d52b0000
<4>[ 18.939606] 1eb0 00000001 bedfb860 0000731e d52b1ed0 c0738748
c0738754 00000013 ffffffff
<4>[ 18.947766] 1ed0 00000000 bf0005a4 00000000 00000000 bf0005ac
d52b0000 00000000 c073b5cc
<4>[ 18.955926] 1ef0 bf0005a4 00000000 d52b1f34 c07380e0 c07381c8
d52b0000 00000001 c073b874
<4>[ 18.964085] 1f10 bf000548 00000000 00000000 000251dc c0100e28
d52b0000 00000000 c073b8c8
<4>[ 18.972245] 1f30 bf0005a4 bf0005a4 d52b1f34 bf003048 bf003000
00000000 d52b0000 bf003000
<4>[ 18.980406]
<4>[ 18.980408] R0: 0xc083cc61:
<4>[ 18.984658] cc60 65747369 000a7372 68637261 6d72612f 72656b2f
2f6c656e 6f72706b 2e736562
<4>[ 18.992817] cc80 313c0063 5245483e 706b2045 65626f72 255b3d26
70205d70 64613e2d 3d207264
<4>[ 19.000979] cca0 70255b20 313c005d 4441423e 646d7020 70255b20
313c005d 4554503e 70255b3d
<4>[ 19.009137] ccc0 313c005d 544f4e3e 45525020 544e4553 3e313c00
6e207349 5720746f 65746972
<4>[ 19.017298] cce0 3e313c00 45524548 3c003220 45483e31 33204552
3e373c00 69776e75 203a646e
<4>[ 19.025457] cd00 204d5241 63617473 6e75206b 646e6977 20676e69
74696e69 696c6169 0a646573
<4>[ 19.033617] cd20 3e343c00 69776e75 203a646e 6e6b6e55 206e776f
626d7973 61206c6f 65726464
<4>[ 19.041777] cd40 25207373 786c3830 373c000a 2873253e 6c383025
25202c78 25202c70 000a2970
<4>[ 19.049936] cd60 753e343c 6e69776e 43203a64 7572726f 75207470
6e69776e 61742064 0a656c62
<4>[ 19.058096]
<4>[ 19.058098] R2: 0xe7f00178:
<4>[ 19.062350] 0178 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.070508] 0198 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.078668] 01b8 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.086828] 01d8 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.094988] 01f8 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.103148] 0218 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.111308] 0238 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.119468] 0258 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.127627]
<4>[ 19.127630] R3: 0xc02374a4:
<4>[ 19.131880] 74a4 e1a00006 e59670d4 e1a01007 ebfdb975 e3570000
1affff68 eaffff71 e1a0300d
<4>[ 19.140040] 74c4 e3a05000 e3c34d7f e5885088 e3c4403f e594300c
e593200c e3c22501 e583200c
<4>[ 19.148200] 74e4 ebfb2b52 e594300c e59810a4 e1a00005 e59320ec
e1c22001 e58320ec eaffffca
<4>[ 19.156360] 7504 c0b02020 c086d39d 00200200 c0ff0f30 c102c814
c003e9ec c0b1f6f0 c0b666c0
<4>[ 19.164519] 7524 e92d41f0 e1a0300d e3c34d7f e1a05000 e3c4403f
e1a08001 e5943004 e2833001
<4>[ 19.172679] 7544 e5843004 e3a03001 e2806d0a e1962f9f e3320000
1320f002 01862f93 03320000
<4>[ 19.180838] 7564 1afffff9 f57ff05f e2807f7a e3a01010 e1a00007
eb051e80 f57ff04f e3a02010
<4>[ 19.188999] 7584 e1a00007 e1a01008 eb053b14 f57ff05f e3a03000
e5863000 f57ff04f e320f004
<4>[ 19.197158]
<4>[ 19.197161] R4: 0xd52aff80:
<4>[ 19.201411] ff80 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.209572] ffa0 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.217731] ffc0 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.225891] ffe0 00000000 00000000 00000000 00000000 58ce75df
5838551f 00000000 00000000
<4>[ 19.234050] 0000 00000000 00000002 00000000 dfa39040 c0b6342c
00000000 00000017 ce0800c0
<4>[ 19.242210] 0020 d52b0000 dfa39040 dfc7d860 d6ba5d40 dfb29380
00000000 d52b1e3c d52b1df0
<4>[ 19.250370] 0040 c0734bec 00000000 00000000 00000000 00000000
00000000 01000000 00000000
<4>[ 19.258529] 0060 afd4d49c 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.266690]
<4>[ 19.266693] R6: 0xd6ba5d04:
<4>[ 19.270944] 5d04 55555555 55555555 55555555 55555555 55555551
55555555 55555155 55555555
<4>[ 19.279102] 5d24 55555555 55555555 55555555 55555555 55555555
55555555 55555555 d5298dc0
<4>[ 19.287263] 5d44 d5298b74 da91ab00 c010c8e0 c021b694 40000000
bf000000 00000000 4002f000
<4>[ 19.295422] 5d64 d52b8000 00000001 00000001 00000016 00000000
00000000 d6ba5d7c d6ba5d7c
<4>[ 19.303582] 5d84 00000000 d6ba5d88 d6ba5d88 0000003f 000000df
00000106 00000000 00000093
<4>[ 19.311742] 5da4 00000082 00000022 00000000 00000000 00000007
00008000 0001a9d4 0001b000
<4>[ 19.319902] 5dc4 0001b938 00021000 00021000 bedfbcc0 bedfbdb1
bedfbdd0 bedfbdd0 bedfbfe9
<4>[ 19.328061] 5de4 00000010 000030d7 00000006 00001000 00000011
00000064 00000003 00008034
<4>[ 19.336221]
<4>[ 19.336224] R8: 0xd6ba5cf4:
<4>[ 19.340474] 5cf4 55555551 55555555 55555555 55555555 55555555
55555555 55555555 55555555
<4>[ 19.348634] 5d14 55555551 55555555 55555155 55555555 55555555
55555555 55555555 55555555
<4>[ 19.356793] 5d34 55555555 55555555 55555555 d5298dc0 d5298b74
da91ab00 c010c8e0 c021b694
<4>[ 19.364953] 5d54 40000000 bf000000 00000000 4002f000 d52b8000
00000001 00000001 00000016
<4>[ 19.373114] 5d74 00000000 00000000 d6ba5d7c d6ba5d7c 00000000
d6ba5d88 d6ba5d88 0000003f
<4>[ 19.381273] 5d94 000000df 00000106 00000000 00000093 00000082
00000022 00000000 00000000
<4>[ 19.389432] 5db4 00000007 00008000 0001a9d4 0001b000 0001b938
00021000 00021000 bedfbcc0
<4>[ 19.397592] 5dd4 bedfbdb1 bedfbdd0 bedfbdd0 bedfbfe9 00000010
000030d7 00000006 00001000
<4>[ 19.405752]
<4>[ 19.405755] R9: 0xd52aff80:
<4>[ 19.410006] ff80 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.418165] ffa0 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.426324] ffc0 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<4>[ 19.434484] ffe0 00000000 00000000 00000000 00000000 58ce75df
5838551f 00000000 00000000
<4>[ 19.442644] 0000 00000000 00000002 00000000 dfa39040 c0b6342c
00000000 00000017 ce0800c0
<4>[ 19.450804] 0020 d52b0000 dfa39040 dfc7d860 d6ba5d40 dfb29380
00000000 d52b1e3c d52b1df0
<4>[ 19.458964] 0040 c0734bec 00000000 00000000 00000000 00000000
00000000 01000000 00000000
<4>[ 19.467124] 0060 afd4d49c 00000000 00000000 00000000 00000000
00000000 00000000 00000000
<0>[ 19.475286] Process insmod (pid: 590, stack limit = 0xd52b02f0)
<0>[ 19.481188] Stack: (0xd52b1ed0 to 0xd52b2000)
<0>[ 19.485530] 1ec0: 00000000
bf0005a4 00000000 00000000
<0>[ 19.493691] 1ee0: bf0005ac d52b0000 00000000 c073b5cc bf0005a4
00000000 d52b1f34 c07380e0
<0>[ 19.501851] 1f00: c07381c8 d52b0000 00000001 c073b874 bf000548
00000000 00000000 000251dc
<0>[ 19.510011] 1f20: c0100e28 d52b0000 00000000 c073b8c8 bf0005a4
bf0005a4 d52b1f34 bf003048
<0>[ 19.518170] 1f40: bf003000 00000000 d52b0000 bf003000 00000000
c01006c8 00000000 00000001
<0>[ 19.526330] 1f60: bf0006e8 00000000 bedfb85c bf0006e8 00000000
bedfb85c 000251dc c0100e28
<0>[ 19.534490] 1f80: d52b0000 c01dc998 40009008 000251dc bedfb85c
0001b6dc bedfb85c 00000000
<0>[ 19.542650] 1fa0: 00000080 c0100c80 0001b6dc bedfb85c 40009008
000251dc bedfb85c 00000001
<0>[ 19.550810] 1fc0: 0001b6dc bedfb85c 00000000 00000080 bedfbdb1
00000002 40009008 bedfb860
<0>[ 19.558970] 1fe0: 0001b7c0 bedfb840 0000bf8d afd0c4fc a0000010
40009008 9eeaaaa2 a82aaaaa
<4>[ 19.567141] [<c0738754>] (arch_arm_kprobe+0x15c/0x1ac) from
[<c073b5cc>] (register_kprobe+0x50c/0x5ac)
<4>[ 19.576420] [<c073b5cc>] (register_kprobe+0x50c/0x5ac) from
[<c073b874>] (register_jprobes+0x4c/0x88)
<4>[ 19.585622] [<c073b874>] (register_jprobes+0x4c/0x88) from
[<c073b8c8>] (register_jprobe+0x18/0x1c)
<4>[ 19.594656] [<c073b8c8>] (register_jprobe+0x18/0x1c) from
[<bf003048>] (prober_module_init+0x48/0x1bc [VMXProber])
<4>[ 19.604986] [<bf003048>] (prober_module_init+0x48/0x1bc [VMXProber])
from [<c01006c8>] (do_one_initcall+0x5c/0x1b8)
<4>[ 19.615403] [<c01006c8>] (do_one_initcall+0x5c/0x1b8) from
[<c01dc998>] (sys_init_module+0x90/0x1ac)
<4>[ 19.624511] [<c01dc998>] (sys_init_module+0x90/0x1ac) from
[<c0100c80>] (ret_fast_syscall+0x0/0x30)
<0>[ 19.633536] Code: ebea3e32 e5953014 e59f2040 e59f0040 (e5832000)
Any ideas how to debug/solve this issue would be great.
Thank you,
Sorin
PS: For a moment i thought that maybe i was trying to access a swapped page
while holding a lock, but that memory region is in kernel text region so it
should not be swapped.
PPS: I don't know if i provided enough informations. If it's the case,
please let me know what else i should specify. Thanks again
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20120104/f0cab01c/attachment-0001.html
More information about the Kernelnewbies
mailing list